$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3233312e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: 3zNl9QPxwFV4edQhVMCJxnLjianzmdRSes5SZUBTIJM= Subject key identifier: A3:84:56:08:7B:C5:5A:DB:57:FB:76:82:75:EA:F5:CE:5A:A2:79:76 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 217A497B999C825B8040FBAE6FD7172C3E61405B Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa Signing time: Wed 19 Feb 2025 11:00:01 +0000 ROA not before: Wed 19 Feb 2025 10:55:01 +0000 ROA not after: Wed 18 Feb 2026 11:00:01 +0000 asID: 38764 IP address blocks: 120.29.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 04:11:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:7a:49:7b:99:9c:82:5b:80:40:fb:ae:6f:d7:17:2c:3e:61:40:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Feb 19 10:55:01 2025 GMT Not After : Feb 18 11:00:01 2026 GMT Subject: CN=A38456087BC55ADB57FB768275EAF5CE5AA27976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f5:9a:d3:4c:49:d5:10:93:56:37:0c:de:7c: 8b:ec:23:eb:99:c0:11:e3:2d:c7:cf:fe:57:2f:8f: 44:74:83:7c:52:a0:58:28:a0:95:a7:e8:dd:81:59: db:a9:e3:74:ed:a0:e4:00:1e:27:c9:51:ae:a6:79: 0e:3e:77:50:ee:50:e5:08:a7:9c:b6:d1:b0:54:05: b3:8d:ec:f7:19:67:87:d9:0e:6d:1a:be:f5:87:cc: 13:0f:17:9b:76:9a:66:0b:07:2e:61:73:01:a1:2d: 61:85:ac:17:dc:58:b1:a8:ed:f1:d9:30:e6:06:d3: 11:27:d5:76:3d:44:46:e6:fc:af:31:4c:7d:ca:a0: e7:3b:94:2a:32:5b:0a:5a:f9:a6:a8:e8:1e:a4:a9: 90:82:0c:b6:ba:ba:5b:75:91:49:9c:04:f7:3b:16: 0d:84:2a:fd:80:3d:6f:f3:75:18:ad:e2:5e:b5:e6: 03:e0:3d:ae:6a:28:4a:0a:f6:3d:a3:da:41:51:68: 6d:5f:a5:33:55:e1:de:e9:c2:6b:ef:c0:b6:05:b1: cc:2a:e6:58:d9:14:27:43:af:77:ca:aa:29:ef:eb: 3f:4d:c7:ae:3c:3d:f6:54:dd:9b:b1:75:dd:50:19: c5:45:a2:60:07:b9:7b:25:2e:74:52:3e:9e:09:49: 2d:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:84:56:08:7B:C5:5A:DB:57:FB:76:82:75:EA:F5:CE:5A:A2:79:76 X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.231.0/24 Signature Algorithm: sha256WithRSAEncryption 73:9b:04:2a:cf:9a:2b:0a:eb:f9:bc:1e:3a:86:d5:78:1f:70: 15:eb:a0:9c:91:bc:e2:07:81:71:4c:32:2c:77:2f:4a:fa:8b: 94:88:fc:4f:86:07:f8:05:b4:e5:cf:b1:90:46:60:04:4e:96: 1c:bf:53:0b:0e:e6:3b:4a:f2:df:fe:40:f6:f4:4f:2c:55:18: f5:b3:44:61:7a:37:76:ad:f3:e8:e1:55:bf:8d:ab:8a:df:8d: 66:cc:67:ff:22:cf:67:f0:da:60:c5:6c:36:bd:7a:9c:e5:7a: af:7b:fe:c8:0d:73:67:e6:9c:67:0f:fb:df:d4:83:9a:48:c5: c3:98:03:41:91:b3:a6:97:9c:9a:eb:af:27:68:67:2b:98:95: ea:0b:1f:4e:8c:eb:bd:e7:9b:b0:8e:fc:0f:9c:f1:c6:03:70: 76:62:69:6d:3b:35:08:ba:cc:8d:3e:d3:ef:a2:d3:8b:03:7f: e4:d0:0b:e5:c3:b8:0d:8c:fe:4b:68:57:55:0c:fc:9b:f3:a4: 64:b6:f8:b9:e4:15:bf:f6:4c:e9:ed:8f:ac:98:3e:65:75:93: 08:4f:4f:ab:aa:72:ae:89:31:82:0b:45:44:13:8e:9e:ef:72: 73:54:eb:99:78:00:5a:6f:ff:22:16:fa:63:29:5f:ba:e7:c0: 5f:f2:9e:2e -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUIXpJe5mcgluAQPuub9cXLD5hQFswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNTAyMTkxMDU1MDFaFw0yNjAyMTgxMTAwMDFaMDMxMTAvBgNV BAMTKEEzODQ1NjA4N0JDNTVBREI1N0ZCNzY4Mjc1RUFGNUNFNUFBMjc5NzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+9ZrTTEnVEJNWNwzefIvsI+uZ wBHjLcfP/lcvj0R0g3xSoFgooJWn6N2BWdup43TtoOQAHifJUa6meQ4+d1DuUOUI p5y20bBUBbON7PcZZ4fZDm0avvWHzBMPF5t2mmYLBy5hcwGhLWGFrBfcWLGo7fHZ MOYG0xEn1XY9REbm/K8xTH3KoOc7lCoyWwpa+aao6B6kqZCCDLa6ult1kUmcBPc7 Fg2EKv2APW/zdRit4l615gPgPa5qKEoK9j2j2kFRaG1fpTNV4d7pwmvvwLYFscwq 5ljZFCdDr3fKqinv6z9Nx648PfZU3Zuxdd1QGcVFomAHuXslLnRSPp4JSS1JAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUo4RWCHvFWttX+3aCder1zlqieXYwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5zANBgkqhkiG 9w0BAQsFAAOCAQEAc5sEKs+aKwrr+bweOobVeB9wFeugnJG84geBcUwyLHcvSvqL lIj8T4YH+AW05c+xkEZgBE6WHL9TCw7mO0ry3/5A9vRPLFUY9bNEYXo3dq3z6OFV v42rit+NZsxn/yLPZ/DaYMVsNr16nOV6r3v+yA1zZ+acZw/739SDmkjFw5gDQZGz ppecmuuvJ2hnK5iV6gsfTozrveebsI78D5zxxgNwdmJpbTs1CLrMjT7T76LTiwN/ 5NAL5cO4DYz+S2hXVQz8m/OkZLb4ueQVv/ZM6e2PrJg+ZXWTCE9Pq6pyrokxggtF RBOOnu9yc1TrmXgAWm//Ihb6YylfuufAX/KeLg== -----END CERTIFICATE-----Generated at Sun Apr 6 08:23:38 2025 by rpki-client